If you think burnable fuses to prevent downgrading is interesting, wait until you see the black magic that Apple cooked up to prevent iPhone downgrades.
No fuses there - just an incredibly complex mess of nonces, digitally signed tickets, and secret generator keys.
Apple internal iOS devices used by engineers are "dev-fused".
This hardware configuration opens up the device to some extent, allowing Apple engineers more latitude when developing software.
There have been articles saying that Apple lets some third party security people use these devices.
I can see how giving that access that might make sense, but I don't know if that article is true.
Dev-fused devices would also be very useful to Apple adversaries like NSO in developing hacks so I would actually expect Apple to continue to keep tight control over them.
> Apple internal iOS devices used by engineers are "dev-fused".
We at Samsung use a similar mechanism called Anti Rollback Prevention (ARP). It is a switch that can be enabled for normal devices if the employees using them are given an approval by their boss. Only a handful of employees have access to it, and the switch turns off by itself after a defined period.
Apple does not provide third parties access to developer fused devices. They do have a "security research device" program that allows nominally more access to the device, kind of equivalent to most jailbreaks these days, but definitely falling short of a development fusing or what something like checkra1n would get you.
Correct me if I'm wrong but those require an internet connection, right? I think Nintendo can't use online codesigning because (certain?) game carts have firmware upgrades that the game itself requires. Nintendo wants the user to be able to install those firmware upgrades offline, like if some kid plays a game for the first time on a road trip or plane ride.
Gads, don't get me started on SPI software upgrades on the Mac Book Pro. Serious cramp in the calvins. Forced non-down-gradable (sp?) OS because of that.
Could you expand on how this causes problems? As far as I'm aware, this has never prevented e.g. downgrading to an older version of macOS. (I assume I would know because I downgrade everything to OS X 10.9.)
A 2012 Macbook Air, a 2014 Macbook Air, and a 2014 Macbook Pro. The 2012 Macbook Air was upgraded to Mojave at one point before it ran Mavericks. I admittedly don't know what OS the two 2014 Macs were running before I bought them in 2020.
No fuses there - just an incredibly complex mess of nonces, digitally signed tickets, and secret generator keys.